This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

Resolved! 5250 HA1 over SFP question

I have a customer who is implementing a pair of 5250 in active/passive. The firewalls are in separate DCs that are connected with fibre. It seems HA2 over the SFP ports is OK but HA1 seems to only work over the 2 AUX ports not any of the data ports. The docs say use these ports for SFP+ but it doesn't say NOT to use other SFP ports for HA1. Thou...

Screenshot 2018-05-02 17.14.11.png
PerryK by L2 Linker
  • 3143 Views
  • 2 replies
  • 0 Likes

Scheduling support sessions with end-users

I was just wondering if Palo Alto would consider scheduling support sessions with customers via https://www.timetrade.com/ or something similar. This would help to manage time coordinating support sessions.Thanks,

Resolved! VPN over MetroE

I've been given an L2 handoff from Comcast from our data center to our co-location. I can move switched traffic over the link between the Palos at both sites with no issues. My problem comes when I try to add L3 and a a tunnel to the link. I've set up many site-to-site vpns before, but this is my first time trying to add it to an L2 interface. ...

xauth use on global protect tunnels

how many are using xauth on the global protect tunnels and why ? We are using it because we have users using native clients on PC's and phones (don't want to pay for the mobile license for on)? Let me know what you think and the pros and cons of using xauth

jdprovine by L4 Transporter
  • 5025 Views
  • 7 replies
  • 0 Likes

PaloAlto Networks Discloses Confidential Security Information to Third Parties w/o customer consent

I just was emailed a Palo Alto Networks security report listing information on all of the wildfire submissions from our organization. This email came from a vendor that we had never purchased Palo Alto products from and contained detailed information about our environment. I was shocked and disturbed by this disclosure. Support refered me to ...

JohnWade by L2 Linker
  • 3891 Views
  • 4 replies
  • 0 Likes

Bootstrap the VM-Series Firewall on ESXi

I have an OVA of PA VM-100 series version 8.0.5.I'm trying to follow the article for "Bootstrap the VM-Series Firewall on ESXi" at: https://www.paloaltonetworks.com/documentation/71/virtualization/virtualization/bootstrap-the-vm-series-firewall/bootstrap-the-vm-series-firewall-on-esxi and having some trouble.When preparing the bootstap package i...

Resolved! How do I block Image search?

Hi I am fairly new to Palo's and I am trying to figure out how I can block search engine image searches. I know there are currently no real app-ids that cover this and just wondering if anyone has a way to block all image search results on the big search engines such as google.

Pooch87 by L0 Member
  • 5413 Views
  • 4 replies
  • 0 Likes

SSH decrypt and not decrypt

Hi. I have an ERP server on the inside which must be access from supplier via SSH. Trying both using proxy and no decrypt but always getting Aged out in traffic monitor. I don't have access to the ERP system but I got the routing printed and it looks ok. Any ideas what would be causing aged out? Firewall in the *nix machine? (Trying to get acc...

Resolved! SIP traffic between a Mitel IPBX and a sip server

HI, We have a PA3020 and we are trying to create a trunksip between a Mitel IPBX and a SIP server and it doesn't work. I can't see the traffic in logs even if I create a rule to see it but I can see it if I do "Packet Capture", I see the REGISTER request from the IPBX but no answer from the SIP server. If I use NMAP from another machine and tes...

Resolved! EOL dates

I was looking for EOL announcements for a couple of PA models and found this link: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates. It doesn’t have dates for the 3032 or the 500. I just wanted to confirm this list is up to date or if there are dates posted for the two models mentioned?

Bvance by L2 Linker
  • 5713 Views
  • 3 replies
  • 0 Likes

8.1 clientless VPN missing icons

I just updated my home 220 to 8.1 and my clientless vpn icons no longer show up. I can see them when I click the preview button on the clientless application popup in the management GUI. I tried re adding the icons to the configuration, but they still wont show up when I log into the GlobalProtect portal.

Static Route Removal

Default route via ISP-A (primary) has not yet recovered, even though the monitored IP address (DNS server of ISP-A) is already rechable via the interface connected to ISP-A router. (tested via ping source x.x.x.x host y.y.y.y) I have seen the logs from previous months that the firewall has detected path failure and was able to recover. So I assu...

PNCSE practice questions I don't get at all...

Hello So I'm preparing taking the PNCSE 8.0 certification exam.as part of my prep I took the practice exam on the palo alto site.it went fairly well( 16 wrong, so failed) however an emergency came up so I rushed through and later in reviewing I found a few very stupid mistakes (that I would have picked out if I had reviewed the questiosn before ...

practicequestion-guessing the routing.PNG
practicequestion-confusingformulation.PNG
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks